Registrars continue to violate the ICANN transfer policy

One of the most frustrating things we deal with is helping customers transfer domain names from other “registrars” (domain name companies) to us. To do this, we ask the old company to release the domain name, and they then have five business days to either release it or reject the transfer.

There’s an obvious potential conflict-of-interest here. An unscrupulous company could easily make more money by rejecting the transfer and forcing the domain name owner to renew it there instead.

Fortunately, this shouldn’t be a problem. ICANN, the organization that controls domain name policy, requires registrars to follow some very specific rules about transfers (here, with an update here). They list nine specific situations in which a transfer can be rejected, explicitly banning other reasons.

For the most part, this prevents arbitrary rejections. However, there are a few registrars that continue to violate the rules. We’ve complained (again and again) to ICANN about this, but they don’t seem interested, so I’ll mention a few problems here.

Register.com is one frustrating company. The ICANN policy clearly prohibits blocking a transfer of a domain name that has expired but not yet been deleted. Despite that, a customer trying to transfer a three-day-expired Register.com domain name told us last week that they flat out refused to give him the necessary code to allow him to transfer — unless he pays them to renew it first. That isn’t the first time we’ve heard this, either.

GoDaddy (and their reseller arm, Wild West Domains) have a different problem. They still block transfers for 60 days after a registrant contact update, even after the ICANN update specifically prohibited doing so. They freely admit it, too. GoDaddy’s Disputes Manager recently told us that blocking transfers for this reason is okay because “It is not necessary to update registrant information in order to transfer a domain name”. That’s irrelevant, of course; domain name owners are legally required to update registrant information whenever it becomes inaccurate, as ICANN’s update makes clear. GoDaddy can’t legitimately block transfers just because someone followed the legal requirement to update their contact information.

We see a similar problem with many transfers from Network Solutions. They often tell their customers that they’ve rejected the transfer “due to potentially suspicious activity in your account”. When customers ask for details, they’re told that the only “suspicious activity” was a recent contact update. Again, this is exactly what the policy prohibits.

GoDaddy and Network Solutions claim they’re protecting registrants by implementing these security measures, as if a recent contact update is a reliable sign of malicious activity. But many registrants update all their contact information just before they transfer their domain name to make sure the transfer approval notices reach their current address. They just don’t think about until then. It’s perfectly normal.

In addition, the “security measures” probably don’t work anyway. Surely by now any competent domain name thief knows not to update the registrant contact until after they’ve transferred the domain name to another registrar, thus bypassing the “security” completely.

While the GoDaddy and NSI efforts almost certainly have blocked some fraudulent transfers, so would a rule saying “you can’t transfer domain names during months that contain an R”. What really matters is how many legitimate transfers are also blocked. We’ve been on the receiving end of many blocked transfers, and we always try to push the other registrar to provide details about the “security problem” — I’ve spent literally days of my time doing this over the last two years. In every single case, the attempted transfer has turned out to be legitimate.

If GoDaddy and NSI wanted to prove they were protecting registrants, they could share some statistics about how many of the blocked transfers eventually get completed later anyway, vs. how many of the blocked transfers result in complaints or actions by registrants to block future transfers (such as authorization code changes) . We’re pretty sure the former vastly outweighs the latter.

Of course, they won’t share those statistics, because that would reveal how many domain name owners they’re inconveniencing. Instead, they’ll just continue to flout the ICANN transfer rules, and ICANN will continue to do nothing.

Here’s our pledge to our customers: We’ll always abide by the letter and spirit of the ICANN transfer policies. If you want to transfer your Tiger Technologies domain name elsewhere, we’ll help you, not hinder you. In fact, we’re one of the few companies that publicly explains how to do it. We value your business, but we’ll never force you to stay with us against your will.

(And by the way, we’re not ignoring security, either. Every domain name transfer gets reviewed by a real person here, and if we see anything unusual, we’ll send you an e-mail message and/or give you a call to find out what’s really going on.)

16 Comments

ICANN’s GNSO Council has commissioned a Working Group to examine these issues, the group is kicking off in the next couple weeks. All volunteers and information are welcome to be submitted. Requests to participate in the group (or merely lurk on the list) should be sent to glen@icann.org.

on Wednesday, July 22, 2009 at 5:03 pm (Pacific) Tim Rowe wrote:

I think they continue to *flout* the ICANN transfer rules, not flaunt them.

on Wednesday, July 22, 2009 at 5:18 pm (Pacific) Robert Mathews wrote:

Tim — Heh, you’re absolutely right. I even know the difference, so I shouldn’t make that silly mistake. Fixed. Thanks!

I’ve been on the receiving end of the ways of Godaddy. Register.com, I wanted to forward my domain as temporarily moved, but unless I pay $49/year they insert register.com ads on the forwarded site! I’m definitely interested in your services and absolutely appreciate your article!

on Thursday, July 23, 2009 at 1:19 am (Pacific) Lori wrote:

I can’t believe anyone is still using GoDaddy.com. They’ve got to be the worst registrar on Earth. How do companies like this stay in business when their customer service reputation is so universally horrible?

I have used GoDaddy since I went on the internet two years ago – they were the cheapest registrar going that particular week, and the registration/setup process was relatively painless. Such a shame to hear that a company which has done so well by me is nonetheless an unscrupulous, quasi-criminal enterprise. As a matter of course, I shall do whatever is necessary to identify and switch to a more ethical registrar upon the expiration of my current business arrangement with GoDaddy.

Thank you for raising this issue. If you have specific incidents of alleged noncompliance regarding the Transfer Policy, please contact me so I can investigate each complaint and take appropriate compliance action. You can reach me at [address redacted by Tiger Technologies for privacy].

William, I’ll be glad to do so, but just so it’s clear: I’ve sent multiple examples to other people in ICANN’s compliance department, at their request, over the last two years. ICANN staff have acknowledged receiving them and said they’d look into them, but nothing has happened.

on Thursday, March 25, 2010 at 3:22 pm (Pacific) Peter wrote:

Dear Sirs,

As a business owner I find the unregulated confict of interest issues among some Registrars and the total disregard of the Registrant as unbelievable.

I had my business domains registered through a reseller, of course with the professional looking templates available to him and being busy looking after my own business and customers I never had reason to know there was a difference between a reseller and a registrar.

The Reseller went through a stage of very bad health (it can happen to humans),
having failed to get replies to my emails regarding the renewal of the domains I sought the advice of a professional web site builder.

He was able to tell me who the real Registrar was (hint: cowboys and Indians), I tried to contact them directly to renew my domains but the emails were ignored.

My advisor suggested requesting the domains be transferred using the services of one of the (claimed) largest registrars in the USA who is also an affiliate of the original Registrar.

Of course they took my money to transfer the domains which were still well inside the sixty day redemption period but nothing was happening except my domains were then showing an advertising page for the very registrar I had paid to transfer them into a safe account where I could use them once again.

I manged to contact a gentleman on one of the few email addresses listed on the ICANN web site, in fairness he replied both by email and telephone.

The result was I now could get replies from the original Registrar but nothing positive or helpful just the bare minimum to be able to say they replied to my emails.

Having made the connection between the original registrar and the one I was trusting (and paid) to carry out the transfer I was sending duplicate emails begging for help which was not forthcoming because I could not access the Resellers account.

On day 60 the registrar sent me the document that would allow the domains to be transferred back to my care, the amount of paperwork and the manner I had to reply was nothing short of obstructing any chance of progress.

Of course on day 61 they reduced the amount of paper work to one page and easy to establish proof of identity.

The two .com domains had been sold by the registrars internal auction system for a substantial sum of money at one minute passed the 60 day redemption period !!!!

The Registrars have made it clear to me that I will not get my domains back, ICANN are playing the role the three brass monkeys (blind, deaf and dumb).

I believe this amounts to nothing less than Insider Trading and abuse of the status and role of a Regstrar.

The Reseller is not responsible to anyone, he / she has no contact or contract with ICANN, yet they are allowed to register domain names that so many businesses depend on to trade.

Sorry but the www is too big and too important to the world economy to be left in the control of the Elite known as ICANN and it’s Registrars.

What you will find are details on how the Go Daddy Group overseen by ICANN Stole the .com domains of the same name.

Think it can’t happen to you?

The Go Daddy Group have the Inside Track on all the Reseller Accounts in Wild West Domains.

All their alleged “Support Departments” have to do is string you along with part information allowing them to take control of your domains.

on Thursday, December 15, 2011 at 8:09 am (Pacific) Kev wrote:

Hello,
Some registrars make you sign a contract written that you’re commited to leave the domain in their registrar for X years. Then if you try to transfer the domain somewhere else during this period, they ask you to wait for the end of the period or to pay a fee, preventing you from unlocking the domain.
Is it legal?

on Thursday, December 15, 2011 at 9:24 am (Pacific) Robert Mathews wrote:

Kev wrote:

>Some registrars make you sign a contract written that you’re commited to leave the domain in their registrar for X years.

This is the first I’ve heard of this, and I’m not quite sure what you mean when you say “make you sign a contract”. Hopefully they’re not coming round to your house and holding a gun to your head: “You can agree to our Terms of Service the easy way or the hard way…”

But if you voluntarily and intentionally sign a written document asking a registrar to reject transfers for X years, then that appears to be allowed under the ICANN transfer policy as an “express written objection to the transfer”.

I have no problem with that, either. Some customers might choose to do it for security reasons, for example, to guarantee that a rogue employee can’t hijack a corporate domain name.

Yesterday, I unlocked and initiated a transfer on 5 domains. No problem.

Today, I requested 4 more be unlocked and they said that they were now on a 60 lock.

For some background, all 9 of these domains were renewed at the exact same time earlier this month. All of them are much older than 60 days so according to ICANN policy I must be allowed to transfer them.

Customer support just lied to my face and said that it is their policy to lock domains for 60 days after they are renewed. When I pointed out that yesterday they had no problem doing it and then asked if their policy had changed in the last 16 hours the answer was no.

I am reporting them to ICANN as they are now holding me hostage.

DomainDiscover / Tierra.net should be avoided at all costs. They will lie to you and do everything possible to prevent you transferring a domain to another registrar.

on Tuesday, April 22, 2014 at 6:39 am (Pacific) Rick wrote:

I have a simple solution. Registrars caught violating ICANN rules are forced to pay damages. By damages I mean my time billed to the customer for having to go through this bullshit. A $500 bill for blocking a domain transfer from 4 or 5 thousand people will put them out of business quickly.

I tell customers that if they are with Go Daddy or Network Solutions that I won’t do any work for them until they are moved to a “reputable” registrar. I then furnish them with 90 or so pages of complaints against both companies for sleazy practices.

So what is the general consensus here then, what are the good and reputable domain registrars to go with, I have been having so many problems with GoDaddy/WildWestDomains/BuyAWebsite I can’t even begin to explain, I don’t even know where to start.

I need to switch registrars asap.

on Wednesday, December 3, 2014 at 2:31 pm (Pacific) Ken wrote:

Well we have a simple answer: we think we do a great job; we provide very good customer service; and our prices actually beat our main competitors: